migrating to the more conventional static arp/unnumbered ipv4 routing based on the BGP unnumbered RFC, just without the BGP ;) ... it's nice this way because if we do decide to add BGP on top at a later time it will look essentially the same, just dynamic... for now it's static though ;)

toby 2019-03-08 20:09:13 +00:00
parent 22b4da07a3
commit 1cf4ef12f7
1 changed files with 15 additions and 9 deletions


@ -9,7 +9,9 @@ fi
source /etc/libvirt/hooks/$IFACE source /etc/libvirt/hooks/$IFACE
### I need to keep this for backwards compatibility but PUBLICMAC should always be set since it absolutely needs to match the MAC the VM has been assigned by qemu. otherwise nothign will work ### PUBLICMAC should always be set, keeping this for compatibility with libvirt.
### the MAC the VM has been assigned by qemu needs to be known here, but AFAIK libvirt doesn't support exporting env vars to ifup script, so this needs to be static on the public interface in qemu
### if this is not set correctly the routing in the VM won't work
: ${PUBLICMAC:=52:54:00:00:00:11} : ${PUBLICMAC:=52:54:00:00:00:11}
### ###
@ -30,17 +32,20 @@ eui64() {
printf "fe80::%02x%02x:%02xff:fe%02x:%02x%02x" printf "fe80::%02x%02x:%02xff:fe%02x:%02x%02x"
} }
gwmac() {
### libvirt replaces the first octet in the mac with fe, so may as well stick to that for consistency,
### the only thing that matters is that we know and it's predictable from within the VM
local macaddr="$1"
printf "%02x%s" "0xfe" "${macaddr:2}"
}
ip link set ${IFACE} address $(gwmac $PUBLICMAC) up
ip link set up ${IFACE} arp -i ${IFACE} -s 169.254.0.1 ${PUBLICMAC}
ip addr add fe80::1/64 dev ${IFACE}
arp -i ${IFACE} -Ds 169.254.0.1 ${IFACE} netmask 255.255.255.255 pub
IFS=',' read -ra IPS <<< "$IP" IFS=',' read -ra IPS <<< "$IP"
for IP in "${IPS[@]}"; do for IP in "${IPS[@]}"; do
if [[ $IP =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/([0-9]{2})$ ]]; then ### we got a IPv4 prefix < maxprefixv4 if [[ $IP =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/([0-9]{2})$ ]]; then ### we got a IPv4 prefix < maxprefixv4
if [ ${BASH_REMATCH[1]} -lt $maxprefixv4 ]; then if [ ${BASH_REMATCH[1]} -lt $maxprefixv4 ]; then
echo "we don't support such a big customer net?" echo "we don't support such a big customer net?"
continue continue
@ -52,9 +57,10 @@ for IP in "${IPS[@]}"; do
fi fi
echo "we got IPv4 with prefix ${BASH_REMATCH[0]}" echo "we got IPv4 with prefix ${BASH_REMATCH[0]}"
ip route add ${IP} dev ${IFACE} ip route add ${IP} via 169.254.0.1 dev ${IFACE} onlink metric 1
ip route add ${IP} dev ${IFACE} metric 255
elif [[ $IP =~ ^2604:bbc0:[0-9,a-f,:]{1,444}/([0-9]{2,3})$ ]]; then ### we got a PIv6 prefix < masprefixv6 elif [[ $IP =~ ^2604:bbc0:[0-9,a-f,:]{1,444}/([0-9]{2,3})$ ]]; then ### we got a PIv6 prefix < masprefixv6
if [ ${BASH_REMATCH[1]} -lt $maxprefixv6 ]; then if [ ${BASH_REMATCH[1]} -lt $maxprefixv6 ]; then
echo "we don't support such a big customer net?" echo "we don't support such a big customer net?"
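Review bot: In the second hunk, on what the page renders as the new side, PUBLICMAC reaches both `ip link set ${IFACE} address $(gwmac $PUBLICMAC) up` and `arp -i ${IFACE} -s 169.254.0.1 ${PUBLICMAC}` unquoted and without a format check. A malformed value from the sourced hook file, or the `52:54:00:00:00:11` fallback when it is unset, therefore yields a gateway MAC and a static neighbour entry that do not match the guest, and nothing visible stops the script from going on to install the `via 169.254.0.1` routes. I would validate it before touching the interface, `[[ $PUBLICMAC =~ ^([0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}$ ]] || { echo "bad PUBLICMAC for $IFACE" >&2; exit 1; }`, and quote the uses, `ip link set "$IFACE" address "$(gwmac "$PUBLICMAC")" up`. The exit statuses of `ip link` and `arp` are not checked in the visible lines either; whether a non-zero exit is acceptable to whatever calls this script needs confirming, since the top of the script and the rest of the loop are outside the hunks shown.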